Cisco Firepower Management Center (FMC)
App Vendor: Cisco
App Category: Network Security
Connector Version: 1.0.0
API Version: 1.0.0
About App
Cisco Firepower Management Center (FMC) is the administrative nerve center for select Cisco security products running on a number of different platforms. The Cisco FMC provides complete and unified management of firewalls, application control, intrusion prevention, URL filtering, and advanced malware protection. The Cisco Firepower Management Center (FMC) app enables security teams to integrate with the enterprise version of Cisco Firepower Management Center (FMC) to get details about incidents and indicators.
The Cisco Firepower Management Center (FMC) app is configured with the Orchestrate application to perform the following actions:
Action Name | Description |
|---|---|
Get Incident Details | This action retrieves the details of an incident. |
Get a List of Incidents | This action retrieves a list of incidents. |
Get Indicator Details | This action retrieves the details of an indicator. |
Get a List of Indicators | This action retrieves a list of indicators. |
Configuration Parameters
The following configuration parameters are required for the Cisco FMC app to communicate with the Cisco FMC enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Base URL | Enter the base URL. | Text | Required | Base URL format: "https://<management_center_ip_or_name<:<port<" |
Username | Enter the username. | Text | Required | |
Password | Enter the password. | Password | Required | |
Verify Requests? | Optional preference to either verify or skip the TLS certificate verification. | Boolean | Optional | Allowed values:
Default value: False |
Action: Get a List of Incidents
This action retrieves a list of incidents.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Domain UUID | Enter the domain UUID. Example: "<Sample Domain UUID>" | Text | Required | |
Query Parameters | Enter the query parameters in key-value pairs to filter the data. Example: { "<Sample Key>": "<Sample value>" } | Key Value | Optional |
Example Request
[
{
"domain_uuid": "<Sample Domain UUID>",
"query_params":
{
"<Sample Key>": "<Sample value>"
}
}
]Action: Get a List of Indicators
This action retrieves a list of indicators.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Domain UUID | Enter the domain UUID. Example: "<Sample Domain UUID>" | Text | Required | |
Query Parameters | Enter the query parameters in key-value pairs to filter the data. Example: { "<Sample Key>": "<Sample value>" } | Key Value | Optional |
Example Request
[
{
"domain_uuid": "<Sample Domain UUID>",
"query_params":
{
"<Sample Key>": "<Sample value>"
}>
}
]Action: Get Incident Details
This action retrieves the details of an incident.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Incident ID | Enter the incident ID. Example: "<Sample Incident ID>" | Text | Required | You can retrieve the incident ID using Get a list of incidents action. |
Domain UUID | Enter the domain UUID. Example: "<Sample Domain UUID>" | Text | Required | |
Query Parameters | Enter the query parameters to filter the data in key-value pairs. Example: { "<Sample Key>": "<Sample value>" } | Key Value | Optional |
Example Request
[
{
"inc_id": "<Sample Incident ID>",
"domain_uuid": "<Sample Domain UUID>",
"query_params":
{
"<Sample Key>": "<Sample value>"
}
}
]Action: Get Indicator Details
This action retrieves the details of an indicator.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Indicator ID | Enter the indicator ID. Example: "<Sample Incident ID>" | Text | Required | You can retrieve the indicator ID using the Get a list of indicators action. |
Domain UUID | Enter the domain UUID. Example: "<Sample Domain UUID>" | Text | Required | |
Query Parameters | Enter the query parameters in key-value pairs to filter the data. Example: { "<Sample Key>": "<Sample value>" } | Key Value | Optional |
Example Request
[
{
"inc_id": "<Sample Incident ID>",
"domain_uuid": "<Sample Domain UUID>",
"query_params":
{
"<Sample Key>": "<Sample value>"
}
}
]